e15152970f895f791d308e15b6257d8a_JaffaCakes118

General

Target

e15152970f895f791d308e15b6257d8a_JaffaCakes118
Size

271KB
MD5

e15152970f895f791d308e15b6257d8a
SHA1

c51816753debd5f0fb0867caaf4c33ab7aa4d5a2
SHA256

a26d8a96cb183a283c0bb67e967d42e286e1fa5da441c1ca66758fcaacf04887
SHA512

ee663b26dc8904dba6f938c0afc1c1e5b26a71e771908556c6b029e569bc188d84081d6d5a13c7bc8b8733796a9525168ffd86e62723a5edd0026fdf9a4f3085
SSDEEP

6144:YSQbZw05D4+XumMrC9aE0vaf32Zk/M8DoFv6kzih0c:RUZPD4KuxgZx8qM9bWS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e15152970f895f791d308e15b6257d8a_JaffaCakes118

Files

e15152970f895f791d308e15b6257d8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce132749239f474fde70ebcaa82ab4f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlGetPartW
UrlCanonicalizeW
PathCombineW
UrlApplySchemeW
UrlCombineW
PathAppendW

msimg32

TransparentBlt

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

GetThreadLocale
GetACP
GetStdHandle
CreateFileW
LocalAlloc
GetStartupInfoA
HeapFree
TerminateProcess
lstrlenA
GetEnvironmentVariableA
HeapDestroy
LoadLibraryExW
QueryPerformanceCounter
LoadLibraryW
HeapReAlloc
GetSystemTime
HeapSize
InterlockedCompareExchange
EnumResourceTypesW
Sleep
GetCurrentProcessId
RaiseException
MultiByteToWideChar
CreateProcessA
SetUnhandledExceptionFilter
GetLocaleInfoA
lstrlenW
WriteFile
HeapFree
GetSystemTimeAsFileTime
ResetWriteWatch
InterlockedExchange
SystemTimeToFileTime
IsDebuggerPresent
GetCurrentThreadId
GetModuleHandleA
UnhandledExceptionFilter
GetCurrentProcess
GetTickCount
HeapAlloc
CloseHandle
WideCharToMultiByte
GetProcessHeap
lstrcpynW

wtsapi32

WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSFreeMemory
WTSQuerySessionInformationW
WTSRegisterSessionNotification

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce132749239f474fde70ebcaa82ab4f4

Headers

File Characteristics

Imports

shlwapi

msimg32

oleacc

kernel32

wtsapi32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 137KB

.data Size: 166KB - Virtual size: 166KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 137KB

.data
Size: 166KB - Virtual size: 166KB

.rsrc
Size: 512B - Virtual size: 4KB